Cloud Security Specialist

Having such great solutions, we are looking for a highly motivated Cloud Security Specialist to join our brave and brilliant IT Support Team. What will you do on a daily basis? Monitor and secure cloud environments, primarily on Azure and Google Cloud Platform (GCP), leveraging their built-in security tools and mechanisms and implement custom tools and controls for self-hosted components based on IaaS. Implement and manage security measures for containerized platforms using Kubernetes and Docker, focusing on microservices-based architectures. Design, implement, and maintain DevSecOps solutions in CI/CD pipelines, integrating tools for: code security analysis; vulnerability management and software composition analysis (SCA); security testing for applications and infrastructure. Collaborate with DevOps and development teams to embed “security by design” principles throughout the product development lifecycle. Conduct security audits, including regular penetration tests and vulnerability scans, for both applications and infrastructure. Analyze security incidents, perform root cause investigations, and implement remediation strategies. Develop, implement, and maintain security policies and standards based on best practices (e.g., ISO 27001, NIST CSF, CIS Benchmarks). Provide education and training for teams on application and infrastructure security. ‍ What will make us a perfect match? At least 3 years of experience in IT security, with a focus on cloud-native environments. In-depth knowledge of Kubernetes security (e.g., RBAC, network policies, pod security standards) and hands-on experience managing microservices architectures. Proven experience implementing DevSecOps solutions, including: securing CI/CD pipelines (e.g., GitLab CI/CD, ArgoCD); using tools for code security and vulnerability scanning; automating security processes for application risk management. Proven experience implementing DevSecOps solutions, including: strong expertise in Azure and Google Cloud Platform (GCP) security features and tools (e.g., Azure Security Center, Google Cloud Security Command Center). Strong understanding of security threats and attack techniques relevant to containerized and cloud-native environments. Proficiency with scripting languages (e.g., Python, Bash) to automate security processes. Familiarity with monitoring and logging tools (e.g., Elastic Stack, Prometheus, Grafana). Knowledge of security frameworks and best practices (e.g., OWASP SAMM, NIST CSF) and compliance regulations (e.g., GDPR). Preferred certifications: CKS (Certified Kubernetes Security Specialist), CISSP, Azure/GCP Security Specialty, CEH, or similar. Fluency in Polish (C2) and English (C1).